Can I use TLS 1.2 instead of SHA-1

Discussion in 'General' started by cansin, Jul 26, 2015.

  1. cansin

    cansin New Member

    Hello, I set up a free ssl certificate on my website using this tutorial: howtoforge.com/securing-your-ispconfig-3-installation-with-a-free-class1-ssl-certificate-from-startssl I was thinking that my certificate works fine because I no longer get certificate errors.

    I don't know much about different types of connection protocols but when I noticed that my browser (chrome) gives me a warning ("This site uses a weak security configuration (SHA-1 signatures), so your connection may not be private.") for my website and doesn't give this error for some other web sites, I did some research and found this article telling me that sha-1 lacks security: googleonlinesecurity.blogspot.co.uk/2014/09/gradually-sunsetting-sha-1.html

    Did I do some wrong choise when I was setting up my website? Is it possible to use TLS 1.2 or any other secure way that doesn't make the browsers complain while still using free certificate on ispconfig?

    Thank you in advance.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This issue is not related to ispconfig, the ssl cipher suites are configured by the OS in the global apache ssl config file. You can disable weak SSL ciphers there. Beside that, you should check that the intermediate ssl certs that you added is using strong ciphers.
     

Share This Page